@flowerforce/flowerbase 1.7.5-beta.1 → 1.7.5-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/features/functions/controller.d.ts.map +1 -1
- package/dist/features/functions/controller.js +14 -3
- package/dist/features/triggers/index.d.ts.map +1 -1
- package/dist/features/triggers/index.js +2 -0
- package/dist/services/api/index.d.ts +4 -0
- package/dist/services/api/index.d.ts.map +1 -1
- package/dist/services/api/utils.d.ts +1 -0
- package/dist/services/api/utils.d.ts.map +1 -1
- package/dist/services/index.d.ts +4 -0
- package/dist/services/index.d.ts.map +1 -1
- package/dist/services/mongodb-atlas/utils.d.ts.map +1 -1
- package/dist/services/mongodb-atlas/utils.js +17 -1
- package/dist/utils/context/helpers.d.ts +12 -0
- package/dist/utils/context/helpers.d.ts.map +1 -1
- package/dist/utils/roles/helpers.d.ts.map +1 -1
- package/dist/utils/roles/helpers.js +19 -4
- package/dist/utils/roles/interface.d.ts +10 -6
- package/dist/utils/roles/interface.d.ts.map +1 -1
- package/dist/utils/roles/machines/commonValidators.js +2 -2
- package/dist/utils/roles/machines/fieldPermissions.d.ts +8 -0
- package/dist/utils/roles/machines/fieldPermissions.d.ts.map +1 -0
- package/dist/utils/roles/machines/fieldPermissions.js +67 -0
- package/dist/utils/roles/machines/read/A/index.d.ts.map +1 -1
- package/dist/utils/roles/machines/read/A/index.js +4 -3
- package/dist/utils/roles/machines/read/C/index.d.ts.map +1 -1
- package/dist/utils/roles/machines/read/C/index.js +16 -16
- package/dist/utils/roles/machines/read/C/validators.js +2 -2
- package/dist/utils/roles/machines/read/D/index.js +1 -1
- package/dist/utils/roles/machines/read/D/validators.d.ts +1 -1
- package/dist/utils/roles/machines/read/D/validators.d.ts.map +1 -1
- package/dist/utils/roles/machines/read/D/validators.js +19 -21
- package/dist/utils/roles/machines/write/B/index.d.ts.map +1 -1
- package/dist/utils/roles/machines/write/B/index.js +12 -9
- package/dist/utils/roles/machines/write/C/index.js +1 -1
- package/dist/utils/roles/machines/write/C/validators.d.ts +1 -1
- package/dist/utils/roles/machines/write/C/validators.d.ts.map +1 -1
- package/dist/utils/roles/machines/write/C/validators.js +16 -21
- package/package.json +1 -1
- package/src/features/functions/controller.ts +16 -3
- package/src/features/triggers/__tests__/index.test.ts +75 -0
- package/src/features/triggers/index.ts +1 -0
- package/src/services/mongodb-atlas/__tests__/findOneAndUpdate.test.ts +1 -1
- package/src/services/mongodb-atlas/utils.ts +19 -4
- package/src/utils/__tests__/STEP_A_STATES.test.ts +24 -2
- package/src/utils/__tests__/STEP_C_STATES.test.ts +61 -27
- package/src/utils/__tests__/STEP_D_STATES.test.ts +9 -9
- package/src/utils/__tests__/WRITE_STEP_B_STATES.test.ts +184 -0
- package/src/utils/__tests__/checkAdditionalFieldsFn.test.ts +2 -2
- package/src/utils/__tests__/checkFieldsPropertyExists.test.ts +13 -0
- package/src/utils/__tests__/checkIsValidFieldNameFn.test.ts +52 -121
- package/src/utils/__tests__/evaluateTopLevelReadFn.test.ts +10 -1
- package/src/utils/__tests__/evaluateTopLevelWriteFn.test.ts +21 -5
- package/src/utils/roles/helpers.ts +18 -4
- package/src/utils/roles/interface.ts +13 -6
- package/src/utils/roles/machines/commonValidators.ts +1 -1
- package/src/utils/roles/machines/fieldPermissions.ts +86 -0
- package/src/utils/roles/machines/read/A/index.ts +4 -3
- package/src/utils/roles/machines/read/C/index.ts +18 -18
- package/src/utils/roles/machines/read/C/validators.ts +2 -2
- package/src/utils/roles/machines/read/D/index.ts +1 -1
- package/src/utils/roles/machines/read/D/validators.ts +12 -25
- package/src/utils/roles/machines/write/B/index.ts +12 -9
- package/src/utils/roles/machines/write/C/index.ts +1 -1
- package/src/utils/roles/machines/write/C/validators.ts +9 -26
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../src/features/functions/controller.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"controller.d.ts","sourceRoot":"","sources":["../../../src/features/functions/controller.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAA;AAgGhD;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,EAAE,kBAsPjC,CAAA"}
|
|
@@ -58,6 +58,16 @@ const isReturnedError = (value) => {
|
|
|
58
58
|
};
|
|
59
59
|
const serializeEjson = (value) => JSON.stringify(bson_1.EJSON.serialize(value, { relaxed: false }));
|
|
60
60
|
const isRecord = (value) => !!value && typeof value === 'object' && !Array.isArray(value);
|
|
61
|
+
const isCursorLike = (value) => {
|
|
62
|
+
if (!value || typeof value !== 'object')
|
|
63
|
+
return false;
|
|
64
|
+
return typeof value.toArray === 'function';
|
|
65
|
+
};
|
|
66
|
+
const normalizeFunctionResult = (value) => __awaiter(void 0, void 0, void 0, function* () {
|
|
67
|
+
if (!isCursorLike(value))
|
|
68
|
+
return value;
|
|
69
|
+
return yield value.toArray();
|
|
70
|
+
});
|
|
61
71
|
const sharedWatchStreams = new Map();
|
|
62
72
|
let watchSubscriberCounter = 0;
|
|
63
73
|
const parseWatchFilter = (args) => {
|
|
@@ -136,12 +146,13 @@ const functionsController = (app_1, _a) => __awaiter(void 0, [app_1, _a], void 0
|
|
|
136
146
|
functionsList,
|
|
137
147
|
services: services_1.services
|
|
138
148
|
});
|
|
139
|
-
|
|
149
|
+
const normalizedResult = yield normalizeFunctionResult(result);
|
|
150
|
+
if (isReturnedError(normalizedResult)) {
|
|
140
151
|
res.type('application/json');
|
|
141
|
-
return JSON.stringify({ message:
|
|
152
|
+
return JSON.stringify({ message: normalizedResult.message, name: normalizedResult.name });
|
|
142
153
|
}
|
|
143
154
|
res.type('application/json');
|
|
144
|
-
return serializeEjson(
|
|
155
|
+
return serializeEjson(normalizedResult);
|
|
145
156
|
}
|
|
146
157
|
catch (error) {
|
|
147
158
|
res.status(400);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/features/triggers/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,sBAAsB,EAAE,MAAM,QAAQ,CAAA;AAG/C;;;;;;GAMG;AACH,eAAO,MAAM,gBAAgB,GAAU,0CAIpC,sBAAsB,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/features/triggers/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,sBAAsB,EAAE,MAAM,QAAQ,CAAA;AAG/C;;;;;;GAMG;AACH,eAAO,MAAM,gBAAgB,GAAU,0CAIpC,sBAAsB,kBAqExB,CAAA"}
|
|
@@ -79,6 +79,8 @@ const activateTriggers = (_a) => __awaiter(void 0, [_a], void 0, function* ({ fa
|
|
|
79
79
|
_f = false;
|
|
80
80
|
const trigger = _d;
|
|
81
81
|
const { content } = trigger;
|
|
82
|
+
if (content.disabled)
|
|
83
|
+
continue;
|
|
82
84
|
const { type, config, event_processors } = content;
|
|
83
85
|
const functionName = event_processors.FUNCTION.config.function_name;
|
|
84
86
|
const triggerHandler = functionsList[functionName];
|
|
@@ -30,6 +30,7 @@ declare const Api: (_app?: unknown, opt?: {
|
|
|
30
30
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
31
31
|
};
|
|
32
32
|
statusCode: number;
|
|
33
|
+
statusText: string;
|
|
33
34
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
34
35
|
trailers: Record<string, string>;
|
|
35
36
|
opaque: T;
|
|
@@ -58,6 +59,7 @@ declare const Api: (_app?: unknown, opt?: {
|
|
|
58
59
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
59
60
|
};
|
|
60
61
|
statusCode: number;
|
|
62
|
+
statusText: string;
|
|
61
63
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
62
64
|
trailers: Record<string, string>;
|
|
63
65
|
opaque: T;
|
|
@@ -86,6 +88,7 @@ declare const Api: (_app?: unknown, opt?: {
|
|
|
86
88
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
87
89
|
};
|
|
88
90
|
statusCode: number;
|
|
91
|
+
statusText: string;
|
|
89
92
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
90
93
|
trailers: Record<string, string>;
|
|
91
94
|
opaque: T;
|
|
@@ -114,6 +117,7 @@ declare const Api: (_app?: unknown, opt?: {
|
|
|
114
117
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
115
118
|
};
|
|
116
119
|
statusCode: number;
|
|
120
|
+
statusText: string;
|
|
117
121
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
118
122
|
trailers: Record<string, string>;
|
|
119
123
|
opaque: T;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/api/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAA;AAGxE;;GAEG;AACH,QAAA,MAAM,GAAG,GAAI,OAAO,OAAO,EAAE,MAAM;IAAE,UAAU,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE;UAG5D,CAAC,wCAAoD,SAAS
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/api/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAA;AAGxE;;GAEG;AACH,QAAA,MAAM,GAAG,GAAI,OAAO,OAAO,EAAE,MAAM;IAAE,UAAU,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE;UAG5D,CAAC,wCAAoD,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAuB7D,CAAC,gGASX,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;UA+BD,CAAC,gGASV,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;aA+BG,CAAC,wEAOb,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAyBlB,CAAA;AAED,eAAe,GAAG,CAAA"}
|
|
@@ -29,6 +29,7 @@ export declare const makeRequest: <T = null>({ method, url, headers, body, resol
|
|
|
29
29
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
30
30
|
};
|
|
31
31
|
statusCode: number;
|
|
32
|
+
statusText: string;
|
|
32
33
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
33
34
|
trailers: Record<string, string>;
|
|
34
35
|
opaque: T;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/services/api/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAS,iBAAiB,EAAE,MAAM,SAAS,CAAA;AAgBlD;;;;;;GAMG;AACH,eAAO,MAAM,WAAW,GAAU,CAAC,GAAG,IAAI,EAAE,6CAMzC,iBAAiB
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/services/api/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAS,iBAAiB,EAAE,MAAM,SAAS,CAAA;AAgBlD;;;;;;GAMG;AACH,eAAO,MAAM,WAAW,GAAU,CAAC,GAAG,IAAI,EAAE,6CAMzC,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgBnB,CAAA"}
|
package/dist/services/index.d.ts
CHANGED
|
@@ -27,6 +27,7 @@ export declare const services: {
|
|
|
27
27
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
28
28
|
};
|
|
29
29
|
statusCode: number;
|
|
30
|
+
statusText: string;
|
|
30
31
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
31
32
|
trailers: Record<string, string>;
|
|
32
33
|
opaque: T;
|
|
@@ -55,6 +56,7 @@ export declare const services: {
|
|
|
55
56
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
56
57
|
};
|
|
57
58
|
statusCode: number;
|
|
59
|
+
statusText: string;
|
|
58
60
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
59
61
|
trailers: Record<string, string>;
|
|
60
62
|
opaque: T;
|
|
@@ -83,6 +85,7 @@ export declare const services: {
|
|
|
83
85
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
84
86
|
};
|
|
85
87
|
statusCode: number;
|
|
88
|
+
statusText: string;
|
|
86
89
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
87
90
|
trailers: Record<string, string>;
|
|
88
91
|
opaque: T;
|
|
@@ -111,6 +114,7 @@ export declare const services: {
|
|
|
111
114
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
112
115
|
};
|
|
113
116
|
statusCode: number;
|
|
117
|
+
statusText: string;
|
|
114
118
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
115
119
|
trailers: Record<string, string>;
|
|
116
120
|
opaque: T;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,QAAQ;;kBAMoG,CAAC;uBAAe,CAAC
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,QAAQ;;kBAMoG,CAAC;uBAAe,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAA2hB,CAAC;uBAAe,CAAC;;;;;;;;;;;;;;;;sBAA0/F,CAAC;yBAAa,CAAC;;;;;;;;;;;CAD9rH,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAElC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,aAAa,EAAE,MAAM,SAAS,CAAA;AACvE,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EACL,mBAAmB,EAEnB,MAAM,EAEN,UAAU,EACV,KAAK,EAGN,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,IAAI,EAAE,MAAM,6BAA6B,CAAA;AAGlD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAA;AAE7D,eAAO,MAAM,YAAY,GAAI,CAAC,SAAS,IAAI,GAAG,MAAM,EAAE,2BAInD,kBAAkB,CAAC,CAAC,CAAC,QA8BvB,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,UAAS,MAAM,EAAO,EACtB,QAAQ,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,EACtD,OAAO,IAAI,8BAcZ,CAAA;AAED,eAAO,MAAM,sBAAsB,GACjC,UAAS,MAAM,EAAO,EACtB,OAAO,IAAI,KACV,UAAU,GAAG,IAaf,CAAA;AAED,eAAO,MAAM,4BAA4B,GACvC,UAAU,mBAAmB,EAC7B,OAAO,MAAM,CACX,MAAM,EACN;IACE,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,CAAC,EAAE,IAAI,EAAE,CAAA;CACf,CACF,EACD,MAAM,IAAI,EACV,gBAAgB,MAAM,EACtB,UAAU;IACR,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,KACA,mBA6GF,CAAA;AAED,eAAO,MAAM,kBAAkB,GAC7B,OAAO,KAAK,EACZ,gBAAgB,MAAM,EACtB,WAAW,eAAe,SAM3B,CAAA;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,aAAa,CAAC,QAAQ,CAAC,EAAE;;;;;;;;
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/services/mongodb-atlas/utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAElC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,aAAa,EAAE,MAAM,SAAS,CAAA;AACvE,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAA;AACtC,OAAO,EACL,mBAAmB,EAEnB,MAAM,EAEN,UAAU,EACV,KAAK,EAGN,MAAM,gCAAgC,CAAA;AACvC,OAAO,EAAE,IAAI,EAAE,MAAM,6BAA6B,CAAA;AAGlD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAA;AAE7D,eAAO,MAAM,YAAY,GAAI,CAAC,SAAS,IAAI,GAAG,MAAM,EAAE,2BAInD,kBAAkB,CAAC,CAAC,CAAC,QA8BvB,CAAA;AAED,eAAO,MAAM,iBAAiB,GAC5B,UAAS,MAAM,EAAO,EACtB,QAAQ,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,EACtD,OAAO,IAAI,8BAcZ,CAAA;AAED,eAAO,MAAM,sBAAsB,GACjC,UAAS,MAAM,EAAO,EACtB,OAAO,IAAI,KACV,UAAU,GAAG,IAaf,CAAA;AAED,eAAO,MAAM,4BAA4B,GACvC,UAAU,mBAAmB,EAC7B,OAAO,MAAM,CACX,MAAM,EACN;IACE,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;IAClB,KAAK,CAAC,EAAE,IAAI,EAAE,CAAA;CACf,CACF,EACD,MAAM,IAAI,EACV,gBAAgB,MAAM,EACtB,UAAU;IACR,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B,KACA,mBA6GF,CAAA;AAED,eAAO,MAAM,kBAAkB,GAC7B,OAAO,KAAK,EACZ,gBAAgB,MAAM,EACtB,WAAW,eAAe,SAM3B,CAAA;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,aAAa,CAAC,QAAQ,CAAC,EAAE;;;;;;;;iBA0I8iqS,CAAC;sBAAgC,CAAC;2BAAsC,CAAC;;;;IAlIrrqS;AAED,eAAO,MAAM,0BAA0B,GAAI,UAAU,QAAQ,EAAE,aAgC9D,CAAA;AAYD,wBAAgB,0BAA0B,CAAC,QAAQ,EAAE,mBAAmB,QA+BvE;AAED,wBAAgB,8BAA8B,CAAC,WAAW,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,IAAI,EAAE,CAAA;CAAE,YAK9E;AAwCD,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,EAAE,uBAKtF"}
|
|
@@ -217,6 +217,7 @@ function getHiddenFieldsFromRulesConfig(rulesConfig) {
|
|
|
217
217
|
}
|
|
218
218
|
function collectHiddenFieldsFromRoles(roles = []) {
|
|
219
219
|
const hiddenFields = new Set();
|
|
220
|
+
const isFieldPermissionObject = (value) => !!value && typeof value === 'object' && ('read' in value || 'write' in value);
|
|
220
221
|
const collectFromFields = (fields) => {
|
|
221
222
|
if (!fields)
|
|
222
223
|
return;
|
|
@@ -227,9 +228,24 @@ function collectHiddenFieldsFromRoles(roles = []) {
|
|
|
227
228
|
}
|
|
228
229
|
});
|
|
229
230
|
};
|
|
231
|
+
const collectFromAdditionalFields = (fields) => {
|
|
232
|
+
if (!fields || typeof fields !== 'object')
|
|
233
|
+
return;
|
|
234
|
+
// Global additional_fields permissions (read/write) apply to unknown fields and cannot be mapped.
|
|
235
|
+
if (isFieldPermissionObject(fields))
|
|
236
|
+
return;
|
|
237
|
+
Object.entries(fields).forEach(([fieldName, permissions]) => {
|
|
238
|
+
if (!isFieldPermissionObject(permissions))
|
|
239
|
+
return;
|
|
240
|
+
const canRead = Boolean(permissions.read || permissions.write);
|
|
241
|
+
if (!canRead) {
|
|
242
|
+
hiddenFields.add(fieldName);
|
|
243
|
+
}
|
|
244
|
+
});
|
|
245
|
+
};
|
|
230
246
|
roles.forEach((role) => {
|
|
231
247
|
collectFromFields(role.fields);
|
|
232
|
-
|
|
248
|
+
collectFromAdditionalFields(role.additional_fields);
|
|
233
249
|
});
|
|
234
250
|
return Array.from(hiddenFields);
|
|
235
251
|
}
|
|
@@ -82,6 +82,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
82
82
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
83
83
|
};
|
|
84
84
|
statusCode: number;
|
|
85
|
+
statusText: string;
|
|
85
86
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
86
87
|
trailers: Record<string, string>;
|
|
87
88
|
opaque: T;
|
|
@@ -110,6 +111,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
110
111
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
111
112
|
};
|
|
112
113
|
statusCode: number;
|
|
114
|
+
statusText: string;
|
|
113
115
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
114
116
|
trailers: Record<string, string>;
|
|
115
117
|
opaque: T;
|
|
@@ -138,6 +140,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
138
140
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
139
141
|
};
|
|
140
142
|
statusCode: number;
|
|
143
|
+
statusText: string;
|
|
141
144
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
142
145
|
trailers: Record<string, string>;
|
|
143
146
|
opaque: T;
|
|
@@ -166,6 +169,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
166
169
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
167
170
|
};
|
|
168
171
|
statusCode: number;
|
|
172
|
+
statusText: string;
|
|
169
173
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
170
174
|
trailers: Record<string, string>;
|
|
171
175
|
opaque: T;
|
|
@@ -230,6 +234,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
230
234
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
231
235
|
};
|
|
232
236
|
statusCode: number;
|
|
237
|
+
statusText: string;
|
|
233
238
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
234
239
|
trailers: Record<string, string>;
|
|
235
240
|
opaque: T;
|
|
@@ -258,6 +263,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
258
263
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
259
264
|
};
|
|
260
265
|
statusCode: number;
|
|
266
|
+
statusText: string;
|
|
261
267
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
262
268
|
trailers: Record<string, string>;
|
|
263
269
|
opaque: T;
|
|
@@ -286,6 +292,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
286
292
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
287
293
|
};
|
|
288
294
|
statusCode: number;
|
|
295
|
+
statusText: string;
|
|
289
296
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
290
297
|
trailers: Record<string, string>;
|
|
291
298
|
opaque: T;
|
|
@@ -314,6 +321,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
314
321
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
315
322
|
};
|
|
316
323
|
statusCode: number;
|
|
324
|
+
statusText: string;
|
|
317
325
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
318
326
|
trailers: Record<string, string>;
|
|
319
327
|
opaque: T;
|
|
@@ -377,6 +385,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
377
385
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
378
386
|
};
|
|
379
387
|
statusCode: number;
|
|
388
|
+
statusText: string;
|
|
380
389
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
381
390
|
trailers: Record<string, string>;
|
|
382
391
|
opaque: T;
|
|
@@ -405,6 +414,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
405
414
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
406
415
|
};
|
|
407
416
|
statusCode: number;
|
|
417
|
+
statusText: string;
|
|
408
418
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
409
419
|
trailers: Record<string, string>;
|
|
410
420
|
opaque: T;
|
|
@@ -433,6 +443,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
433
443
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
434
444
|
};
|
|
435
445
|
statusCode: number;
|
|
446
|
+
statusText: string;
|
|
436
447
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
437
448
|
trailers: Record<string, string>;
|
|
438
449
|
opaque: T;
|
|
@@ -461,6 +472,7 @@ export declare const generateContextData: ({ user, services, app, rules, current
|
|
|
461
472
|
bytes: () => Uint8Array<ArrayBuffer>;
|
|
462
473
|
};
|
|
463
474
|
statusCode: number;
|
|
475
|
+
statusText: string;
|
|
464
476
|
headers: import("undici/types/header").IncomingHttpHeaders;
|
|
465
477
|
trailers: Record<string, string>;
|
|
466
478
|
opaque: T;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/context/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAG1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAA;AAEvD,KAAK,QAAQ,GAAG;IACd,MAAM,EAAE,CACN,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KACzC,MAAM,CAAA;IACX,MAAM,EAAE,CACN,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GAAG,MAAM,EACpB,YAAY,CAAC,EAAE,OAAO,EACtB,sBAAsB,CAAC,EAAE,MAAM,EAAE,KAC9B,OAAO,CAAA;CACb,CAAA;AAgFD;;;;;;;;;GASG;AACH,eAAO,MAAM,mBAAmB,GAAI,4GAUjC,yBAAyB;;;;;;;;;;;;;uBA4DP,SAAS;yBAGP,SAAS;;;;;;;;;;;;;;;;;;uBAcb,MAAM;;;;;;+BA5CU,MAAM,OAAO,QAAQ;;;;sCA1HrC,CAAC
|
|
1
|
+
{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/context/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAA;AAG1C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAA;AAE3C,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAA;AAEvD,KAAK,QAAQ,GAAG;IACd,MAAM,EAAE,CACN,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,OAAO,EAChB,MAAM,EAAE,MAAM,GAAG,MAAM,EACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KACzC,MAAM,CAAA;IACX,MAAM,EAAE,CACN,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GAAG,MAAM,EACpB,YAAY,CAAC,EAAE,OAAO,EACtB,sBAAsB,CAAC,EAAE,MAAM,EAAE,KAC9B,OAAO,CAAA;CACb,CAAA;AAgFD;;;;;;;;;GASG;AACH,eAAO,MAAM,mBAAmB,GAAI,4GAUjC,yBAAyB;;;;;;;;;;;;;uBA4DP,SAAS;yBAGP,SAAS;;;;;;;;;;;;;;;;;;uBAcb,MAAM;;;;;;+BA5CU,MAAM,OAAO,QAAQ;;;;sCA1HrC,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;8BAsGT,CAAC;iCAAa,CAAC;;;;;;;;;;;;;;;;;;;kCAtGP,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0BAsGT,CAAC;6BAAa,CAAC;;;;;;;;;;;;;;;;;;kCAtGP,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0BAsGT,CAAC;6BAAa,CAAC;;;;;;;;;;;;;;;4BAyEF,MAAM,OAAO,aAAa,WAAW,SAAS;;;CAiBrE,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/roles/helpers.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAA;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;
|
|
1
|
+
{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/utils/roles/helpers.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAA;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAgBrD,eAAO,MAAM,kBAAkB,GAC7B,QAAQ,cAAc,CAAC,QAAQ,CAAC,EAChC,aAAa,oBAAoB,EACjC,OAAO,cAAc,CAAC,MAAM,CAAC,KAC5B,OAAO,CAAC,OAAO,CAiBjB,CAAA"}
|
|
@@ -19,26 +19,41 @@ const context_1 = require("../context");
|
|
|
19
19
|
const rules_1 = require("../rules");
|
|
20
20
|
const utils_1 = __importDefault(require("../rules-matcher/utils"));
|
|
21
21
|
const functionsConditions = ['%%true', '%%false'];
|
|
22
|
+
const normalizeUserRole = (user) => {
|
|
23
|
+
if (!user)
|
|
24
|
+
return user;
|
|
25
|
+
if (typeof user !== 'object')
|
|
26
|
+
return user;
|
|
27
|
+
const candidate = user;
|
|
28
|
+
if (typeof candidate.role === 'string')
|
|
29
|
+
return user;
|
|
30
|
+
const customRole = typeof candidate.custom_data === 'object' && candidate.custom_data !== null
|
|
31
|
+
? candidate.custom_data.role
|
|
32
|
+
: undefined;
|
|
33
|
+
return typeof customRole === 'string' ? Object.assign(Object.assign({}, candidate), { role: customRole }) : user;
|
|
34
|
+
};
|
|
22
35
|
const evaluateExpression = (params, expression, user) => __awaiter(void 0, void 0, void 0, function* () {
|
|
23
36
|
if (!expression || typeof expression === 'boolean')
|
|
24
37
|
return !!expression;
|
|
25
|
-
const
|
|
38
|
+
const normalizedUser = normalizeUserRole(user);
|
|
39
|
+
const value = Object.assign(Object.assign(Object.assign({}, params.expansions), params.cursor), { '%%user': normalizedUser, '%%true': true });
|
|
26
40
|
const conditions = (0, rules_1.expandQuery)(expression, value);
|
|
27
41
|
const complexCondition = Object.entries(conditions).find(([key]) => functionsConditions.includes(key));
|
|
28
42
|
return complexCondition
|
|
29
|
-
? yield evaluateComplexExpression(complexCondition, params,
|
|
43
|
+
? yield evaluateComplexExpression(complexCondition, params, normalizedUser)
|
|
30
44
|
: utils_1.default.checkRule(conditions, value, {});
|
|
31
45
|
});
|
|
32
46
|
exports.evaluateExpression = evaluateExpression;
|
|
33
47
|
const evaluateComplexExpression = (condition, params, user) => __awaiter(void 0, void 0, void 0, function* () {
|
|
34
48
|
var _a;
|
|
35
49
|
const [key, config] = condition;
|
|
50
|
+
const normalizedUser = normalizeUserRole(user);
|
|
36
51
|
const functionConfig = config['%function'];
|
|
37
52
|
const { name, arguments: fnArguments } = functionConfig;
|
|
38
53
|
const functionsList = state_1.StateManager.select('functions');
|
|
39
54
|
const app = state_1.StateManager.select('app');
|
|
40
55
|
const currentFunction = functionsList[name];
|
|
41
|
-
const expansionContext = Object.assign(Object.assign(Object.assign({}, params.expansions), params.cursor), { '%%root': params.cursor, '%%user':
|
|
56
|
+
const expansionContext = Object.assign(Object.assign(Object.assign({}, params.expansions), params.cursor), { '%%root': params.cursor, '%%user': normalizedUser, '%%true': true, '%%false': false });
|
|
42
57
|
const expandedArguments = fnArguments && fnArguments.length
|
|
43
58
|
? ((_a = (0, rules_1.expandQuery)({ args: fnArguments }, expansionContext)
|
|
44
59
|
.args) !== null && _a !== void 0 ? _a : [])
|
|
@@ -47,7 +62,7 @@ const evaluateComplexExpression = (condition, params, user) => __awaiter(void 0,
|
|
|
47
62
|
args: expandedArguments,
|
|
48
63
|
app,
|
|
49
64
|
rules: state_1.StateManager.select("rules"),
|
|
50
|
-
user,
|
|
65
|
+
user: normalizedUser,
|
|
51
66
|
currentFunction,
|
|
52
67
|
functionName: name,
|
|
53
68
|
functionsList,
|
|
@@ -1,7 +1,13 @@
|
|
|
1
|
-
export type PermissionExpression = boolean
|
|
1
|
+
export type PermissionExpression = boolean | Record<string, unknown>;
|
|
2
2
|
export type FieldPermissionExpression = {
|
|
3
|
-
read?:
|
|
4
|
-
write?:
|
|
3
|
+
read?: PermissionExpression;
|
|
4
|
+
write?: PermissionExpression;
|
|
5
|
+
fields?: {
|
|
6
|
+
[K: string]: FieldPermissionExpression;
|
|
7
|
+
};
|
|
8
|
+
};
|
|
9
|
+
export type AdditionalFieldsPermissionExpression = FieldPermissionExpression | {
|
|
10
|
+
[K: string]: FieldPermissionExpression;
|
|
5
11
|
};
|
|
6
12
|
export interface DocumentFiltersPermissions {
|
|
7
13
|
read?: PermissionExpression;
|
|
@@ -19,9 +25,7 @@ export interface Role {
|
|
|
19
25
|
fields?: {
|
|
20
26
|
[K: string]: FieldPermissionExpression;
|
|
21
27
|
};
|
|
22
|
-
additional_fields?:
|
|
23
|
-
[K: string]: FieldPermissionExpression;
|
|
24
|
-
};
|
|
28
|
+
additional_fields?: AdditionalFieldsPermissionExpression;
|
|
25
29
|
}
|
|
26
30
|
export interface Params {
|
|
27
31
|
roles: Role[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/utils/roles/interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,oBAAoB,GAAG,OAAO,CAAA;
|
|
1
|
+
{"version":3,"file":"interface.d.ts","sourceRoot":"","sources":["../../../src/utils/roles/interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,oBAAoB,GAAG,OAAO,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;AAEpE,MAAM,MAAM,yBAAyB,GAAG;IACtC,IAAI,CAAC,EAAE,oBAAoB,CAAA;IAC3B,KAAK,CAAC,EAAE,oBAAoB,CAAA;IAC5B,MAAM,CAAC,EAAE;QACP,CAAC,CAAC,EAAE,MAAM,GAAG,yBAAyB,CAAA;KACvC,CAAA;CACF,CAAA;AAED,MAAM,MAAM,oCAAoC,GAC5C,yBAAyB,GACzB;IACE,CAAC,CAAC,EAAE,MAAM,GAAG,yBAAyB,CAAA;CACvC,CAAA;AAEL,MAAM,WAAW,0BAA0B;IACzC,IAAI,CAAC,EAAE,oBAAoB,CAAA;IAC3B,KAAK,CAAC,EAAE,oBAAoB,CAAA;CAC7B;AAED,MAAM,WAAW,IAAI;IACnB,IAAI,EAAE,MAAM,CAAA;IAEZ,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC/B,MAAM,CAAC,EAAE,oBAAoB,CAAA;IAC7B,gBAAgB,CAAC,EAAE,0BAA0B,CAAA;IAC7C,IAAI,CAAC,EAAE,oBAAoB,CAAA;IAC3B,KAAK,CAAC,EAAE,oBAAoB,CAAA;IAC5B,MAAM,CAAC,EAAE,oBAAoB,CAAA;IAC7B,MAAM,CAAC,EAAE,oBAAoB,CAAA;IAC7B,MAAM,CAAC,EAAE;QACP,CAAC,CAAC,EAAE,MAAM,GAAG,yBAAyB,CAAA;KACvC,CAAA;IACD,iBAAiB,CAAC,EAAE,oCAAoC,CAAA;CACzD;AAED,MAAM,WAAW,MAAM;IACrB,KAAK,EAAE,IAAI,EAAE,CAAA;IAEb,MAAM,EAAE,GAAG,CAAA;IAEX,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA;IAC/B,IAAI,EAAE,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,GAAG,OAAO,CAAA;CACxD;AAGD,MAAM,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAA"}
|
|
@@ -29,9 +29,9 @@ const evaluateTopLevelPermissionsFn = (_a, currentType_1) => __awaiter(void 0, [
|
|
|
29
29
|
});
|
|
30
30
|
exports.evaluateTopLevelPermissionsFn = evaluateTopLevelPermissionsFn;
|
|
31
31
|
const checkFieldsPropertyExists = ({ role }) => {
|
|
32
|
-
var _a
|
|
32
|
+
var _a;
|
|
33
33
|
const hasFields = !!Object.keys((_a = role === null || role === void 0 ? void 0 : role.fields) !== null && _a !== void 0 ? _a : {}).length;
|
|
34
|
-
const hasAdditional =
|
|
34
|
+
const hasAdditional = typeof (role === null || role === void 0 ? void 0 : role.additional_fields) !== 'undefined';
|
|
35
35
|
return hasFields || hasAdditional;
|
|
36
36
|
};
|
|
37
37
|
exports.checkFieldsPropertyExists = checkFieldsPropertyExists;
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { Document } from 'mongodb';
|
|
2
|
+
import { Role } from '../interface';
|
|
3
|
+
import { MachineContext } from './interface';
|
|
4
|
+
export declare const hasAdditionalFieldsDefined: (role?: Role) => boolean;
|
|
5
|
+
export declare const filterDocumentByFieldPermissions: (context: Pick<MachineContext, "params" | "role" | "user">, mode: "read" | "write", options?: {
|
|
6
|
+
defaultAllow?: boolean;
|
|
7
|
+
}) => Promise<Document>;
|
|
8
|
+
//# sourceMappingURL=fieldPermissions.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"fieldPermissions.d.ts","sourceRoot":"","sources":["../../../../src/utils/roles/machines/fieldPermissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAElC,OAAO,EAGL,IAAI,EACL,MAAM,cAAc,CAAA;AACrB,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AA4C5C,eAAO,MAAM,0BAA0B,GAAI,OAAO,IAAI,YACN,CAAA;AAEhD,eAAO,MAAM,gCAAgC,GAC3C,SAAS,IAAI,CAAC,cAAc,EAAE,QAAQ,GAAG,MAAM,GAAG,MAAM,CAAC,EACzD,MAAM,MAAM,GAAG,OAAO,EACtB,UAAU;IACR,YAAY,CAAC,EAAE,OAAO,CAAA;CACvB,KACA,OAAO,CAAC,QAAQ,CAyBlB,CAAA"}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.filterDocumentByFieldPermissions = exports.hasAdditionalFieldsDefined = void 0;
|
|
13
|
+
const helpers_1 = require("../helpers");
|
|
14
|
+
const isObject = (value) => !!value && typeof value === 'object' && !Array.isArray(value);
|
|
15
|
+
const isFieldPermissionExpression = (value) => isObject(value) && ('read' in value || 'write' in value);
|
|
16
|
+
const getAdditionalFieldPermission = (additionalFields, fieldName) => {
|
|
17
|
+
if (!additionalFields || !isObject(additionalFields))
|
|
18
|
+
return undefined;
|
|
19
|
+
const byField = additionalFields[fieldName];
|
|
20
|
+
if (isFieldPermissionExpression(byField)) {
|
|
21
|
+
return byField;
|
|
22
|
+
}
|
|
23
|
+
if (isFieldPermissionExpression(additionalFields)) {
|
|
24
|
+
return additionalFields;
|
|
25
|
+
}
|
|
26
|
+
return undefined;
|
|
27
|
+
};
|
|
28
|
+
const canReadField = (context, permission) => __awaiter(void 0, void 0, void 0, function* () {
|
|
29
|
+
if (!permission)
|
|
30
|
+
return false;
|
|
31
|
+
const read = yield (0, helpers_1.evaluateExpression)(context.params, permission.read, context.user);
|
|
32
|
+
if (read)
|
|
33
|
+
return true;
|
|
34
|
+
return yield (0, helpers_1.evaluateExpression)(context.params, permission.write, context.user);
|
|
35
|
+
});
|
|
36
|
+
const canWriteField = (context, permission) => __awaiter(void 0, void 0, void 0, function* () {
|
|
37
|
+
if (!permission)
|
|
38
|
+
return false;
|
|
39
|
+
return yield (0, helpers_1.evaluateExpression)(context.params, permission.write, context.user);
|
|
40
|
+
});
|
|
41
|
+
const hasAdditionalFieldsDefined = (role) => typeof (role === null || role === void 0 ? void 0 : role.additional_fields) !== 'undefined';
|
|
42
|
+
exports.hasAdditionalFieldsDefined = hasAdditionalFieldsDefined;
|
|
43
|
+
const filterDocumentByFieldPermissions = (context, mode, options) => __awaiter(void 0, void 0, void 0, function* () {
|
|
44
|
+
var _a, _b;
|
|
45
|
+
const source = (_a = context.params) === null || _a === void 0 ? void 0 : _a.cursor;
|
|
46
|
+
if (!isObject(source))
|
|
47
|
+
return {};
|
|
48
|
+
const document = {};
|
|
49
|
+
const fields = (_b = context.role.fields) !== null && _b !== void 0 ? _b : {};
|
|
50
|
+
const additionalFields = context.role.additional_fields;
|
|
51
|
+
for (const [key, value] of Object.entries(source)) {
|
|
52
|
+
const fieldPermission = fields[key];
|
|
53
|
+
const permission = fieldPermission !== null && fieldPermission !== void 0 ? fieldPermission : getAdditionalFieldPermission(additionalFields, key);
|
|
54
|
+
let allowed = (options === null || options === void 0 ? void 0 : options.defaultAllow) === true;
|
|
55
|
+
if (permission) {
|
|
56
|
+
allowed =
|
|
57
|
+
mode === 'read'
|
|
58
|
+
? yield canReadField(context, permission)
|
|
59
|
+
: yield canWriteField(context, permission);
|
|
60
|
+
}
|
|
61
|
+
if (allowed) {
|
|
62
|
+
document[key] = value;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
return document;
|
|
66
|
+
});
|
|
67
|
+
exports.filterDocumentByFieldPermissions = filterDocumentByFieldPermissions;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/A/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/A/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAGxC,eAAO,MAAM,aAAa,EAAE,MAuB3B,CAAA"}
|
|
@@ -10,6 +10,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.STEP_A_STATES = void 0;
|
|
13
|
+
const commonValidators_1 = require("../../commonValidators");
|
|
13
14
|
const utils_1 = require("../../utils");
|
|
14
15
|
exports.STEP_A_STATES = {
|
|
15
16
|
checkSearchRequest: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, goToNextValidationStage }) {
|
|
@@ -24,14 +25,14 @@ exports.STEP_A_STATES = {
|
|
|
24
25
|
}
|
|
25
26
|
return goToNextValidationStage();
|
|
26
27
|
}),
|
|
27
|
-
evaluateSearch: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation }) {
|
|
28
|
+
evaluateSearch: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, endValidation, goToNextValidationStage }) {
|
|
28
29
|
(0, utils_1.logMachineInfo)({
|
|
29
30
|
enabled: context.enableLog,
|
|
30
31
|
machine: 'A',
|
|
31
32
|
step: 2,
|
|
32
33
|
stepName: 'evaluateSearch'
|
|
33
34
|
});
|
|
34
|
-
|
|
35
|
-
return endValidation({ success: false });
|
|
35
|
+
const check = yield (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, 'search');
|
|
36
|
+
return check ? goToNextValidationStage() : endValidation({ success: false });
|
|
36
37
|
})
|
|
37
38
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/C/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/C/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AAQxC,eAAO,MAAM,aAAa,EAAE,MAyC3B,CAAA"}
|
|
@@ -10,10 +10,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
12
|
exports.STEP_C_STATES = void 0;
|
|
13
|
-
const validators_1 = require("./validators");
|
|
14
13
|
const utils_1 = require("../../utils");
|
|
14
|
+
const validators_1 = require("./validators");
|
|
15
15
|
exports.STEP_C_STATES = {
|
|
16
|
-
evaluateTopLevelRead: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next
|
|
16
|
+
evaluateTopLevelRead: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next }) {
|
|
17
17
|
(0, utils_1.logMachineInfo)({
|
|
18
18
|
enabled: context.enableLog,
|
|
19
19
|
machine: 'C',
|
|
@@ -21,12 +21,7 @@ exports.STEP_C_STATES = {
|
|
|
21
21
|
stepName: 'evaluateTopLevelRead'
|
|
22
22
|
});
|
|
23
23
|
const check = yield (0, validators_1.evaluateTopLevelReadFn)(context);
|
|
24
|
-
|
|
25
|
-
return (0, validators_1.checkFieldsPropertyExists)(context)
|
|
26
|
-
? next('checkFieldsProperty')
|
|
27
|
-
: endValidation({ success: true });
|
|
28
|
-
}
|
|
29
|
-
return next('evaluateTopLevelWrite', { check });
|
|
24
|
+
return next('evaluateTopLevelWrite', { readCheck: check });
|
|
30
25
|
}),
|
|
31
26
|
evaluateTopLevelWrite: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, next, endValidation }) {
|
|
32
27
|
var _b;
|
|
@@ -36,12 +31,18 @@ exports.STEP_C_STATES = {
|
|
|
36
31
|
step: 2,
|
|
37
32
|
stepName: 'evaluateTopLevelWrite'
|
|
38
33
|
});
|
|
39
|
-
const
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
34
|
+
const writeCheck = yield (0, validators_1.evaluateTopLevelWriteFn)(context);
|
|
35
|
+
const readCheck = (_b = context === null || context === void 0 ? void 0 : context.prevParams) === null || _b === void 0 ? void 0 : _b.readCheck;
|
|
36
|
+
if (readCheck === true || writeCheck === true) {
|
|
37
|
+
return (0, validators_1.checkFieldsPropertyExists)(context)
|
|
38
|
+
? next('checkFieldsProperty')
|
|
39
|
+
: endValidation({ success: true });
|
|
40
|
+
}
|
|
41
|
+
if (readCheck === false)
|
|
42
|
+
return endValidation({ success: false });
|
|
43
|
+
return (0, validators_1.checkFieldsPropertyExists)(context)
|
|
44
|
+
? next('checkFieldsProperty')
|
|
45
|
+
: endValidation({ success: false });
|
|
45
46
|
}),
|
|
46
47
|
checkFieldsProperty: (_a) => __awaiter(void 0, [_a], void 0, function* ({ context, goToNextValidationStage }) {
|
|
47
48
|
(0, utils_1.logMachineInfo)({
|
|
@@ -50,7 +51,6 @@ exports.STEP_C_STATES = {
|
|
|
50
51
|
step: 3,
|
|
51
52
|
stepName: 'checkFieldsProperty'
|
|
52
53
|
});
|
|
53
|
-
|
|
54
|
-
return goToNextValidationStage(check ? 'checkIsValidFieldName' : 'checkAdditionalFields');
|
|
54
|
+
return goToNextValidationStage('checkIsValidFieldName');
|
|
55
55
|
})
|
|
56
56
|
};
|
|
@@ -12,14 +12,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
12
12
|
exports.checkFieldsPropertyExists = exports.evaluateTopLevelWriteFn = exports.evaluateTopLevelReadFn = void 0;
|
|
13
13
|
const commonValidators_1 = require("../../commonValidators");
|
|
14
14
|
const evaluateTopLevelReadFn = (context) => __awaiter(void 0, void 0, void 0, function* () {
|
|
15
|
-
if (context.params.type
|
|
15
|
+
if (!['read', 'search'].includes(context.params.type)) {
|
|
16
16
|
return false;
|
|
17
17
|
}
|
|
18
18
|
return (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, 'read');
|
|
19
19
|
});
|
|
20
20
|
exports.evaluateTopLevelReadFn = evaluateTopLevelReadFn;
|
|
21
21
|
const evaluateTopLevelWriteFn = (context) => __awaiter(void 0, void 0, void 0, function* () {
|
|
22
|
-
if (!['read', 'write'].includes(context.params.type)) {
|
|
22
|
+
if (!['read', 'search', 'write'].includes(context.params.type)) {
|
|
23
23
|
return undefined;
|
|
24
24
|
}
|
|
25
25
|
return (0, commonValidators_1.evaluateTopLevelPermissionsFn)(context, 'write');
|
|
@@ -19,7 +19,7 @@ const runCheckIsValidFieldName = (_a) => __awaiter(void 0, [_a], void 0, functio
|
|
|
19
19
|
step: 2,
|
|
20
20
|
stepName: 'checkIsValidFieldName'
|
|
21
21
|
});
|
|
22
|
-
const document = (0, validators_1.checkIsValidFieldNameFn)(context);
|
|
22
|
+
const document = yield (0, validators_1.checkIsValidFieldNameFn)(context);
|
|
23
23
|
return endValidation({ success: !!Object.keys(document).length, document });
|
|
24
24
|
});
|
|
25
25
|
exports.STEP_D_STATES = {
|
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
import { MachineContext } from '../../interface';
|
|
2
2
|
export declare const checkAdditionalFieldsFn: ({ role }: MachineContext) => boolean;
|
|
3
|
-
export declare const checkIsValidFieldNameFn: (
|
|
3
|
+
export declare const checkIsValidFieldNameFn: (context: MachineContext) => Promise<import("bson/bson").Document>;
|
|
4
4
|
//# sourceMappingURL=validators.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"validators.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/D/validators.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"validators.d.ts","sourceRoot":"","sources":["../../../../../../src/utils/roles/machines/read/D/validators.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAA;AAEhD,eAAO,MAAM,uBAAuB,GAAI,UAAU,cAAc,YAE/D,CAAA;AAED,eAAO,MAAM,uBAAuB,GAAU,SAAS,cAAc,0CAOpE,CAAA"}
|